PROP - Patronage of PHP Web Applications

C. Sireesha; G. Jyostna; P. Raghu Varan; and P. R. L. Eswari

arXiv:1506.05071·cs.CR·June 17, 2015·1 cites

PROP - Patronage of PHP Web Applications

C. Sireesha, G. Jyostna, P. Raghu Varan, and P. R. L. Eswari

PDF

Open Access

TL;DR

This paper analyzes PHP web applications' vulnerabilities using static and dynamic analysis to identify security flaws caused by improper validation and logical flaws, aiming to improve security practices.

Contribution

It introduces a comprehensive analysis approach combining static and dynamic methods to detect vulnerabilities in PHP web applications.

Findings

01

Identification of common security flaws in PHP applications

02

Effectiveness of combined static and dynamic analysis methods

03

Insights into logical and validation-related vulnerabilities

Abstract

PHP is one of the most commonly used languages to develop web sites because of its simplicity, easy to learn and it can be easily embedded with any of the databases. A web developer with his basic knowledge developing an application without practising secure guidelines, improper validation of user inputs leads to various source code vulnerabilities. Logical flaws while designing, implementing and hosting the web application causes work flow deviation attacks. In this paper, we are analyzing the complete behaviour of a web application through static and dynamic analysis methodologies.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsWeb Application Security Vulnerabilities